• Back to CeFPro
  • View all events
[email protected] | US: +1 888 677 7007 | UK: +44 (0)207 600 3543
Vendor & Third Party Risk Europe Cross Industry
  • Overview
  • Agenda
  • Speakers
  • Event Insights
  • TPRA & CeFPro Partnership
  • Sponsors
  • ATTEND
  • Search
  • Menu Menu
Day One | November 10 Day Two | November 11

Day Two | November 11

Here is the latest edition of the agenda. As we approach the event, we will be adding speakers and sessions to enhance your experience. To stay informed, please register your interest

RECEIVE EVENT UPDATES
DOWNLOAD THE BROCHURE
8:00
Breakfast and Networking
8:50
Chair’s Opening Remarks
Tower Suite 3-Operational Risk & Resilience
Tower Suite 1-Innovation & Automation
Tower Suite 2 -Regulation & Standards
9:00
Critical Third Parties: Operating Under Dependency and Power Imbalance – PANEL DISCUSSION
Managing third-party risk where control is limited, leverage is low, and vendors dictate terms
View session details...

Key topics

  • Operating effectively within “take-it-or-leave-it” contracts and limited audit rights
  • Managing risk where access, transparency, and control are restricted
  • Defining escalation strategies when critical vendors underperform
  • Using collective pressure, industry forums, and regulatory leverage to influence outcomes

Lisa Migheli,Head of Third Party Risk,MUFG

Anne McGowan,Head of Supplier Management,Lloyds Banking Group

Dominc-Victor,Head of Operational Controls, Risk and Resilience,Somp

9:00
AI Governance in Third-Party Risk Management – PRESENTATION
Establishing governance frameworks to ensure AI-driven TPRM is transparent, accountable, and aligned with regulatory expectations
View session details...

Key topics

  • Defining accountability for AI-enabled decision-making across the third-party lifecycle
  • Ensuring transparency, explainability, and auditability of AI models
  • Aligning AI governance with regulatory and supervisory expectations
  • Embedding AI oversight into enterprise risk and control frameworks
  • Managing model governance, validation, and assurance processes

Ratul Ahmed,Managing Director,Commerzbank

9:00
Why Regulatory Readiness Will Not Save You When the Third Party Fails – PRESENTATION
Demonstrating effective third-party risk management through clear, defensible evidence aligned with regulatory expectations
View session details...

Key topics

  • Documenting risk decisions, actions, and outcomes in a consistent and auditable way
  • Aligning evidence and reporting with evolving regulatory and supervisory expectations
  • Strengthening transparency across governance, controls, and oversight
  • Reducing duplication and manual effort in evidence collection and validation

Sajid Iqbal,Head of Risk,Habib Bank Zurich

9:50
Transition Between Rooms
9:50
9:55
Embedding Resilience into Supplier Contracts and Governance
Embedding resilience into supplier contracts and governance frameworks to ensure enforceable standards and real-world outcomes
View session details...

Key topics

  • Defining clear resilience expectations, responsibilities, and accountability within supplier agreements
  • Aligning contractual obligations with operational resilience and regulatory requirements
  • Embedding performance, recovery, and service continuity standards into contracts
  • Strengthening governance across the contract lifecycle, from onboarding to exit

Neil Stevenson,Head of Supplier & Contract Management,Aegon

9:55
AI-Enabled Third Parties: Managing Supplier Exposure and Dependency Risk
Understanding the operational and strategic risks created by suppliers using AI where visibility, influence, and control are limited
View session details...

Key topics

  • Assessing how suppliers are deploying AI across products, services, and operations
  • Managing dependency risk linked to critical AI-enabled vendors and platforms
  • Addressing visibility gaps across supplier AI usage and external data sources
  • Defining due diligence approaches for AI-enabled suppliers
  • Evaluating the business impact of supplier-driven AI failures or disruption

Mihaela Breg,Head of Operational Resilience & Business Transformation,Europe Arab Bank

9:55
Managing Data Risk Across Third Parties: Strengthening Protection Without Limiting Access
As organisations become increasingly dependent on external providers for data processing, storage and analytics, protecting critical information has become both a compliance and resilience challenge
View session details...

Key topics

  • Managing risks associated with data sharing, access and outsourcing arrangements
  • Monitoring how third parties store, process and transfer sensitive information
  • Addressing data concentration, sovereignty and cross-border transfer risks
  • Embedding privacy and protection requirements into third-party oversight frameworks
  • Managing emerging challenges created by AI, data aggregation and interconnected ecosystems

Andrew Mohammed,Director of Data and AI,OVO

10:45
Morning Refreshment Break and Networking
10:45

11:15
Managing Risk Across Global Supply Chains and Improving Visibility – PRESENTATION
Managing third-party risk across complex global supply chains without compromising speed, efficiency, or operational continuity
View session details...

Key topics

  • Moving from static recovery plans to adaptive, real-time response strategies
  • Managing risk across geographically dispersed and interdependent suppliers
  • Responding to geopolitical, environmental, and systemic disruption
  • Improving end-to-end visibility across multi-tier supply chains
  • Aligning supply chain strategy with resilience and continuity objectives

Hanna Pradera,Global Director, Procurement,Trinseo (tbc)

11:15
Balancing Automation and Human Oversight: Defining Decision Ownership in TPRM – PANEL
Defining decision ownership in AI-enabled environments where accountability, judgement, and control cannot be automated
View session details...

Key topics

  • Establishing clear ownership of decisions across automated and human-led processes
  • Managing conflicts between model outputs and expert judgement
  • Determining when and how human intervention should override automated decisions
  • Embedding accountability and auditability into decision-making frameworks

Kofil Ali,Head of Trading Technology/Chair Operational Risk Committee,Sucden Financial

Samikendra Ghosh,Global Head of Third Party Risk Management,Howdens

11:15
Meeting Incident Reporting Expectations: Improving Response Without Delay
Meeting regulatory expectations for incident reporting through faster response, clear accountability, and effective coordination
View session details...

Key topics

  • Meeting strict regulatory timelines for incident notification and escalation
  • Building real-time visibility across third-party incidents and disruptions
  • Coordinating cross-functional response during live incidents
  • Managing regulator communication under pressure

Tier One Global Consumer Goods Business (TBC)

12:05
Transition Between Rooms
12:05

12:10
Operationalising Scenario Testing: Strengthening Preparedness Across Third Parties
Designing and executing realistic disruption scenarios to strengthen response and recovery capability across third parties.
View session details...

Key topics

  • Designing realistic multi-party disruption scenarios
  • Testing supplier and internal response capabilities under stress
  • Identifying gaps in contingency and recovery planning
  • Translating outputs into actionable improvements

Patrycja Lakomiak,Global Supply & Quality Head of Enterprise Risk Management,Takeda Pharmaceuticals International AG

12:10
Emerging AI Threats in Third-Party Ecosystems
Exploring the evolving cyber, operational, and security threats introduced by AI across interconnected third-party ecosystems
View session details...

Key topics

  • Identifying risks such as adversarial attacks, data poisoning, and model manipulation
  • Understanding threats linked to autonomous and generative AI systems
  • Monitoring emerging attack vectors across AI-enabled supply chains
  • Monitoring emerging attack vectors across AI-enabled supply chains
  • Strengthening resilience against evolving AI-driven threat landscapes
12:10
Assurance Over Third-Party Risk – Who Verifies the Verifiers?
As third-party risk programmes mature, organisations are increasingly challenged to demonstrate independent assurance over their controls and decision-making.
View session details...

Key topics

  • Aligning first, second and third lines of defence
  • Testing the effectiveness of TPRM controls and frameworks
  • Preparing for regulatory reviews and internal audit scrutiny
  • Using assurance findings to drive programme improvement
  • Demonstrating that risk decisions are being consistently applied
1:00-2:30
LUNCH NETWORKING & OPTIONAL ROUNDTABLE DISCUSSIONS
All attendees have access to:
  • Extended networking lunch
  • Meetings with peers, speakers and sponsors
  • Networking lounge and exhibition area
Roundtables are optional, limited to 20 attendees per table, and require advance registration. Attendees not participating in a roundtable may continue networking until sessions resume
1:45-2:30
Optional Roundtable Discussions
All attendees have access to:
  • Limited to 20 attendees per table
  • Advance sign-up required
  • Interactive peer-to-peer discussion format
Roundtables are optional, limited to 20 attendees per table, and require advance registration. Attendees not participating in a roundtable may continue networking until sessions resume
ROUNDTABLE
Reputational Risk in TPRM

Justin Jefferys,Head of Media Relations,ITV

ROUNDTABLE
AI Governance Beyond Compliance

Mihaela Breg,Head of Operational Resilience & Business Transformation,Europe Arab Bank

ROUNDTABLE
Geopolitical Risk and the Supply Chain

Patrycja Lakomiak,Global Supply & Quality Head of Enterprise Risk Management,Takeda Pharmaceuticals International AG

ROUNDTABLE
The Future TPRM Operating Model
ROUNDTABLE
Lessons Learned from Real Third-Party Failures
2:30
Transition Between Rooms
2:30
2:35
Reputational Risk: When Third-Party Failure Becomes a Public Crisis
Using real third-party failures to challenge existing frameworks, expose control weaknesses, and drive meaningful change
View session details...

Key topics

  • Identifying root causes beyond surface-level failures, including control, governance, and dependency gaps
  • Pinpointing where risk identification, escalation, and response mechanisms broke down
  • Assessing the effectiveness of crisis management, communication, and decision-making under pressure
  • Embedding lessons learned into frameworks, controls, and scenario testing
  • Moving from reactive fixes to forward-looking resilience strategies

Justin Jefferys,Head of Media Relations,ITV

Alison Flynn,Global Head of Corporate Affairs,Impla Terminals

Michael Phillips,Head of Crisis Management, Strategic Risk and Communications,Philip Morris International

2:35
Transforming Due Diligence Through Automation and AI
Replacing fragmented TPRM tools with a connected ecosystem that enables real-time visibility, control, and better decision-making
View session details...

Key topics

  • Integrating platforms, data, and workflows across onboarding, monitoring, and incident management
  • Eliminating duplication and manual effort through automation and system interoperability
  • Establishing a single source of truth for third-party risk data across the enterprise
  • Balancing usability with governance, control, and audit requirements
  • Designing an architecture that supports continuous monitoring, AI adoption, and evolving regulatory expectations
2:35
Future of Regulation and Preparing for What’s Next – PRESENTATION
Regulatory expectations are likely to evolve – but how organisations can prepare?
View session details...

Key topics

  • Anticipating expansion of regulatory scope across industries
  • Preparing for increased scrutiny of third-party ecosystems
  • Aligning long-term strategies with regulatory trends
  • Building adaptable and forward-looking compliance frameworks

Teresa Burton,Supplier Risk Manager,CRC Group

3:25
Coffee Break & Wall Transition
3:25
3:55
Risk Is Now Systemic — Are Organisations Built for It?
Organisations must rethink how they manage interconnected third-party ecosystems as systemic risk, critical dependencies, and shared infrastructure create exposure beyond traditional supplier oversight
View session details...

Key topics

  • Understanding how systemic risk is reshaping third-party oversight
  • Why concentration and dependency risk are becoming enterprise-wide challenges
  • Moving beyond siloed ownership of resilience, cyber, procurement, and operations
  • Building organisations capable of withstanding cascading disruption across ecosystems
  • Redefining resilience for a world of interconnected risk

Lucy da Piedade, Managing Director, Head of the Group Controls Office,Deutsche Bank

Luke Bellamy,Lead Engineer for Industrial Resilience, CTO Team, WMG,University of Warwick

4:40
What Comes Next: The Future of Third-Party Risk in a Hyper-Connected World
Emerging risks across AI, cyber, geopolitics, and regulation are reshaping how organisations must approach third-party risk
View session details...

Key topics

  • How AI and automation will redefine third-party ecosystems
  • The rise of systemic and cross-industry risk exposure
  • Preparing for risks that cannot yet be fully quantified
  • What organisations need to build now to remain resilient in the future
5:15
Closing Remark’s and End of Vendor and Third Party Risk Cross Industry
Day One | November 10 Day Two | November 11

About

  • CeFPro Home
  • Privacy Policy
  • Terms and Conditions
  • Disclaimer

Upcoming events

  • Our Flagship Event: Risk Evolve
  • View the full events calendar

Contact Us

Contact Us
[email protected]
+1 888 677 7007
+44 (0)207 600 3543

Scroll to top